Monday 30 March 2026Afternoon Edition

ZOTPAPER

News without the noise

Cybersecurity

Former NSA Cyber Boss Says Claude AI Attack Report Was a Rorschach Test for Infosec

Rob Joyce tells RSAC 2026 audience that Chinese spies using Claude to automate attacks shows how relentless AI agents can find holes humans miss

Zotpaper2 min read
The Anthropic report revealing Chinese cyberspies had abused Claude AI to automate cyberattacks served as a Rorschach test for the information security community, according to former NSA cybersecurity director Rob Joyce speaking at RSAC 2026.

Joyce told the audience that the attacks demonstrated something the security community has been debating for years: AI agents can find and exploit vulnerabilities with a relentlessness that human attackers cannot match. "It freakin' worked," he said, describing how the AI-automated approach allowed attackers to probe systems continuously without fatigue.

The original Anthropic report, published in late 2025, detailed how Chinese intelligence operatives had used Claude to automate reconnaissance, identify attack surfaces, and generate exploit code. The revelation split the infosec community, with some seeing it as proof that AI safety measures are insufficient and others arguing it simply accelerated techniques that were already well known.

Joyce framed the divide as revealing about the industry itself. Those focused on defence saw a terrifying escalation. Those focused on offence saw an inevitable evolution. Both were looking at the same data and drawing different conclusions — hence the Rorschach test analogy.

The talk comes as the relationship between AI companies and government agencies remains fraught, with the Pentagon recently cutting ties with Anthropic despite being close to a deal.

Analysis

Why This Matters

AI-automated cyberattacks represent a qualitative shift in threat capability. The fact that a former NSA leader is publicly alarmed should get attention from anyone responsible for defending networks.

Background

The original Claude abuse report was one of the first documented cases of a major AI model being weaponised by a state-sponsored hacking group. It raised questions about whether AI companies can prevent their models from being used offensively.

Key Perspectives

Joyce's Rorschach framing is useful — the same evidence genuinely does support different conclusions depending on your threat model and role. But the consensus seems to be shifting toward acknowledging that AI-powered attacks are already here.

What to Watch

Whether AI companies develop better abuse detection, and whether governments push for mandatory reporting when models are used in attacks.

Sources